Windows 8 secure boot could complicate Linux installs

On new hardware, the Windows 8 secure boot feature will prevent the booting of …

PC users who run Windows and Linux on the same machine will want to do some research before purchasing a Windows 8 computer. That's because systems with a "Designed for Windows 8" logo must ship with UEFI secure booting enabled—a move that prevents booting operating systems that aren’t signed by a trusted Certificate Authority.

This could pose a problem for Linux users, though in practice most can just change UEFI settings to disable secure boot before installing the open-source OS. But users will have to depend on hardware vendors to make this option possible in the first place.

Disabling secure boot

“Microsoft requires that machines conforming to the Windows 8 logo program and running a client version of Windows 8 ship with secure boot enabled,” Red Hat developer Matthew Garrett writes on his blog in reference to a recent presentation by Microsoft program manager Arie van der Hoeven. The Microsoft exec notes that UEFI and secure boot are “required for Windows 8 client” with the result that “all firmware and software in the boot process must be signed by a trusted Certificate Authority.”

Microsoft has a good reason for this. A “growing class of malware targets the boot path [and] often the only fix is to reinstall the operating system,” van der Hoeven said. “UEFI and secure boot harden the boot process [and] reduce the likelihood of bootkits, rootkits and ransomware.”

Importantly, though, Garrett writes that “there’s no indication that Microsoft will prevent vendors from providing firmware support for disabling this feature and running unsigned code.”

For many (and hopefully most) Windows 8 machines, this means that users have a good chance of successfully entering the UEFI settings interface to turn off secure boot. But this will depend on the hardware vendor.

“Experience indicates that many firmware vendors and OEMs are interested in providing only the minimum of firmware functionality required for their market,” Garrett writes. “It's almost certainly the case that some systems will ship with the option of disabling this. Equally, it's almost certainly the case that some systems won't. It's probably not worth panicking yet. But it is worth being concerned.”

Technically, vendors can ship Windows 8 PCs without meeting Microsoft's "designed for Windows 8" logo requirements, but major OEMs typically would not do that.

The Windows 8 developer tablet Microsoft handed out at this month’s BUILD conference did include the ability to turn off the secure boot process. This is reminiscent of Google’s Cr-48 Chromebook, which allowed users to turn off the Verified Boot process and install another operating system, though this involved flipping a physical switch instead of changing a software setting.

A signed OS

Besides disabling the Windows 8 secure boot process, another option for Linux lovers is installing a signed version of Linux. But “this poses several problems,” Garrett notes. “Firstly, we'd need a non-GPL bootloader. Grub 2 is released under the GPLv3, which explicitly requires that we provide the signing keys. Grub is under GPLv2 which lacks the explicit requirement for keys, but it could be argued that the requirement for the scripts used to control compilation includes that. It's a grey area, and exploiting it would be a pretty good show of bad faith. Secondly, in the near future the design of the kernel will mean that the kernel itself is part of the bootloader. This means that kernels will also have to be signed. Making it impossible for users or developers to build their own kernels is not practical. Finally, if we self-sign, it's still necessary to get our keys included by every OEM.”

Current machines dual-booting Windows 7 and Linux should be able to upgrade to Windows 8 without wiping out the Linux install. As Microsoft notes in the Building Windows 8 blog, “We will continue to support the legacy BIOS interface.” However, machines using UEFI instead of BIOS “will have significantly richer capabilities” including faster boot times and greater security.

Ultimately, the Windows 8 changes aren’t likely to wipe out Linux dual-boot scenarios, but they could restrict the types of hardware that will allow them. PC users who would boot two operating systems tend to be highly technical, though, so we expect they’ll find the necessary workarounds.